DH parameters

OpenSSL DH Parameters

The main components utilizing OpenSSL are LDAP, MTA, and Proxy services. In ZCS 8.7, the default DH Parameter uses 2048-bits (ref: bug 99558, bug 99564 - MTA/smtpd_tls_dh1024_param_file, Proxy/ssl_dhparam). The new global configuration parameter to store the PEM formatted DH parameter data is zimbraSSLDHParam. A new utility zmdhparam can be used to create new custom DH parameters.